This article is written by Abhishek Kurian studying at National Law University, Odisha. In this article, he discusses the concerns regarding the safety of Zoom Application and the different measures taken to resolve them.
The use of online forums for conducting webinars, online courses, video conferences and even online family meetings has become prevalent with the rapid growth in technology. The clarity of a video call and the multitude of features that are associated with it has also seen a significant improvement in the past decade. In fact, it is expected that more than 2 billion people (see here) or half of the world’s employees would take part in video conferencing by the next decade! It is rightly so, as the use of video conferencing has a lot of benefits that include reducing commuting time, avoiding costly conference halls, the better recollection of discussions and overall easier facilitation and accessibility.
One of the video conferencing apps that became very popular for both good and bad reasons is the Zoom app. It is a user-friendly video-conferencing application that has recently been the centre of many controversies and security concerns, maybe because it was in fact way too easy to use.
Its safety has been a concern for many and if you are also pondering whether the app is safe or not to use, you must give this article a read. But to understand the issues associated with its safety, it is essential to understand its use and functioning. Let’s understand what the app is and how it works.
An introduction to the Zoom app
If you are a student, teacher, lawyer or any other working professional you would have used, considered using or at least heard of the Zoom application.
Zoom is a video-conferencing app that allows you to host and attend video conferences. It has a paid and an unpaid version and both have seen immense growth in recent times owing to the COVID-19 pandemic. It started off as a simple group video call application that allowed up to 15 participants in one call and in a short period of time, it became one of the most popular video calling apps and outgrew many of its competitors.
Some of its basic features include:
- It is compatible with almost all operating systems (Windows, iOS, macOS, Android, Linux).
- It has a total of 5 different subscriptions including the free versions.
- It allows video conferencing for up to 100 people for the free version of the application and up to 500 participants for its paid subscriptions.
- The duration of each meeting for the free version has a limit of 40 minutes, whereas for the paid subscriptions the time duration is unlimited.
- It could be downloaded on the phone as well as on a laptop or a computer.
- It also has the option of screen sharing, which could be used in meetings, classes and presentations.
Overall, this app had started to prove very useful to people and even before the pandemic-induced lockdown there was an enormous increase in the number of users and participants in the months of January and February. According to Bernstein’s report (see here) Zoom had a total of 2.2 million new users in these two months which is before the COVID-19 was declared to be a pandemic.
Increased use during Pandemic
We have discussed the functioning of the app and its growth before the lockdown started in most countries. Now, let’s understand how the pandemic resulted in a massive increase and how that made it a more vulnerable platform.
The unexpected lockdown that shut all schools, colleges, companies, etc. desperately required an online platform to resume its functioning so that minimal loss was faced by them. Zoom was already one of the most popular video conferencing apps and the lockdown gave it the impetus to shatter all its existing records in terms of its number of participants, users, number of downloads per day and revenue.
How much increase was seen during the pandemic?
Firstly, it is very important to understand the terms, participants and users per day. The term participant means a person who was part of a Zoom meeting or anybody who entered the meeting. A user is a person who has used the application for a meeting that day.
Basically, if I have attended 5 Zoom meetings in a day, I would be counted as 5 participants for that day. But, I would be counted as only one user for all the 5 meetings or any number of meetings for that matter.
The hike in the number of daily participants per day was a staggering 3000% increase in its number of participants per day in a span of only 5 months. A graph depicts the unprecedented increase, starting from the month of December 2019 with over 10 million daily participants to April 2020 with more than 300 million participants.
Some other interesting facts showing its ridiculous growth are:
- The number of daily downloads of the Zoom app increased from 56000 downloads per day in January 2020 to 2.13 million downloads in March 2020.
- The total monthly active users (MAU) saw an increase of over 4.3 million in the period between 2019 to February 2020.
For all stats see here.
Why did Zoom see the massive increase compared to other applications
It is ironic that the founder of Zoom, Eric Yuan was earlier an employee of Webex which is one of its biggest competitors. Maybe, that is something that helped Eric in actually overcoming his better competitors in a short period of time.
While many video conferencing apps saw the highest increase in its users and downloads, Zoom introduced certain features that were unique to its platform and were able to adequately help the different industries to carry on their work seamlessly. These included:
Unlimited Free usage
This was one of its major selling points as Zoom provided unlimited access to the application free of cost. Its other competitors either had only a free trial for one month or had a lower limit on the number of participants.
Apart from being free, Zoom also did not need an account to be created in order to attend a Zoom meeting. This made it very easy to access and avoid the hassle of accounts, passwords, signing in etc.
Screen sharing is another feature that is not available in many other online platforms which helped in sharing material and using it in a video conference.
A facility of a virtual white-board coupled with its screen sharing option made it only fitting for many schools and colleges to choose Zoom over other applications. It was a very useful feature for firms as well who could use this feature effectively for online meetings and discussions.
The timings for a video conference or class would not be suitable for each and every participant, especially in such times. A facility for recording certainly helped such people in accessing important webinars or classes.
Zoom did not have to be necessarily downloaded and could be directly used from a browser.
What are the major sectors that use Zoom
While almost all major sectors and industries used Zoom there were many which used it more prominently than others. These included:
- Educational institutions: Learning must never stop and keeping that in mind many schools and colleges all over the world carry on with their schedules using Zoom.
- Firms and companies all over the world saw a significant increase in its use of the application.
- Personal purposes: Zoom was used by many of us as well, not for any professional purposes but to connect with our loved ones resorting to large group video calls as a substitute to parties or public gatherings.
- Health Care: This industry surprisingly also communicated using this app as there was no means to meet personally and the hospitals were filled with COVID patients.
Complaints and issues raised
With the increasing users, easy to access facilities and a wide range of purposes came along ease in hacking and bugging this system. There was a grave threat to security and privacy that resulted in many banning the Zoom app.
Among many, Google and SpaceX banned its employees from using this application and disabled this app from its servers. Government agencies like NASA and even administrative bodies of many countries banned the use of this app looking for other alternatives.
The complaints and issues that were raised by the people were:
The most common issue with the users was that there were intruders who had easy access to these meetings by getting hold of the joining code or meeting ID or even randomly entering codes which would result in them joining these meetings. There results in the possibility of cases where this would cause leakage of confidential information discussed in meetings or conferences.
This was especially common in webinars where the host would not know all the people who would be attending the meeting.
Absence of End-to-end Encryption
Now, you might have come across this term many times at least on Whatsapp to know that it is of prime importance when it comes to communications. End-to-end encryption basically means that all kinds of communication would remain private and would be known only to communicators. Imagine if this was not done and your messages, your calls and conferences were actually open to others and could even steal the confidential information that was discussed on this platform.
One of the major complaints in the Zoom app was that the meetings were not End-to-End encrypted which was a massive breach of confidentiality and hence people were not comfortable using it.
Zoom had a policy of privacy which was identical to Facebook and Google. There have been reports and complaints of active collection of information of its users which is either sold or shared with third parties. There was a report that stated that around 500000 accounts of Zoom(See here) users were sold on Dark Web!
Dark Web is that part of the internet which is not accessible to all users of the internet and requires particular search engines or software.
Also since the host of a meeting is able to record the entire video and audio, care must be taken to make sure that the host can be trusted.
Issue of Bugs
Bugs are either defaults, flaws or an object on browsers that could harm or monitor the data and activities of a user.
There were bugs that were discovered in the Zoom app as reported by TechCrunch. (See here) These bugs were found to allow the functioning of harmful viruses like Malware and Spyware. One bug was also found to interfere with the use of camera and audio of the device without the user’s direct consent.
Steps taken by the developer
Zoom has taken steps to ensure to its users the quality of the app and to eliminate concerns regarding security and safety of the app as well.
The CEO of Zoom app addressed its users nationally through a blog on zoom talking about the changes that they would make to address security issues.
The settings of Zoom were changed which made passwords, meeting IDs a prerequisite for entering a meeting. Additionally, only the host was allowed to share the screen
Zoom bought a start-up called Keybase for implementing end-to-end encryption and also implemented other standard policies that banned content that was abusive, hateful or sexual in nature.
Earlier the end-to-end encryption was provided only to paid users but then this facility was made available for both paid and unpaid users. The CEO of Zoom also took steps to make live videos for the community to provide instruction regarding its safe use.
An update for Zoom 5.0 was made that was mandated by 30th May. This was to ensure greater security and privacy to its users and participants.
Steps taken by the Indian Government
The Cyber coordination Center of the Ministry of Home Affairs took steps to caution the Indian users about the app’s security and privacy issues. This announcement was a result of a report by the team of Cybersecurity Agency which reported that the app had many weaknesses and vulnerabilities which when coupled with its extensive use throughout the country could lead to many safety issues. They also came out with a set of guidelines for its safe use for those who could still not refrain totally from using this app.
Some of these guidelines included :
- Creation of a new ID and password for each meeting.
- Creation of a waiting room for the meeting.
- Permission to share screen must be given only to hosts
- The meeting must be ‘ended’ and not merely left by the host.
In an attempt to remove the use of this app completely, the Government of India also came out with a challenge to create a video conferencing application and promised a reward of 1 crore rupees to the winner.
Judicial stance on the app
The rights that are violated because of the security issues of the Zoom app
Right to Privacy is a right for all citizens given under the ambit of Right to life (Article 21). As stated by the court in the Aadhaar judgement, it is a necessary condition for the meaningful exercise of other guaranteed freedoms.
The problems caused by the lack of security in the Zoom application resulted in major violations of the right to privacy and cybersecurity of the individuals using the app.
Since we have already discussed the problems associated with it let’s understand how these result in the violations.
Let’s say you are in a meeting in a conference hall and a random stranger walks inside and sits there until the meeting ends, he could be a competitor and there is a chance that he was recording you as well. Wouldn’t this be a breach of your privacy? Well, this is what was happening with the Zoom Bombing in meetings and these intruders would also resort to sharing vulgar material during these meetings.
Then comes the sharing of personal information to Facebook and other third parties which results in another breach of the information that is not supposed to be leaked. The absence of End-to-end encryption also resulted in the breach of procedure that is to be followed under the Information Technology Act, 2008.
Major Court decision
A writ petition was filed in the Supreme Court of India by Harsh Chugh (see here), who was a tuition teacher, requesting the court to ban the use of the Zoom app in India.
Arguments of the Petitioner:
- In the plea, it was argued by the petitioner how the Zoom app misused the data of users and participants. It also mentioned that the bug in the app “that could be abused intentionally to leak information to third parties”.
- It was argued that a writ petition was preferred by the petitioners because of the importance of a safe and secure virtual environment.
- There was a sudden rise in the number of downloads of the app and also the number of hacking incidents as a consequence.
- The problems in the app caused violations of Section 43 of IT Act, 2008 (unconsented access or interference with the computer network of a person) and Article 21 of the Indian constitution(Right to Privacy).
The Supreme Court issued a notice on 22nd May, 2020 to put a ban on the use of the application until appropriate legislation was passed.
The Zoom application helped many during the pandemic times to resume their work and utilize the time in their hand to its fullest potential. But unfortunately, its ease and accessibility are what caused many issues as well. The public must be aware of the different portals they use for communication as it is a very private activity and at the same time providers and the government must ensure that the security privacy of their citizens is maintained.
LawSikho has created a telegram group for exchanging legal knowledge, referrals and various opportunities. You can click on this link and join: